Gratuitous ARP is wrong #225
Closed
Comments
|
Thanks for the report - we're indeed doing it pretty wrong. I'll fix this up. |
|
I'd guess a branch off 2.8.0 release with having only this fixed (and a 2.8.1 release) would make people, instead of waiting till master is in a state to be released (which requires new mirage-types release).... |
yomimono
added a commit
to yomimono/mirage-tcpip
that referenced
this issue
Jul 15, 2016
Per RFC 826, don't look at the `op` field of the packet before deciding whether to use it to update the cache. Also, construct gratuitous ARP packets as Requests, not Replies, and set the destination host address to the source host address. This fixes mirage#225.
yomimono
added a commit
to yomimono/mirage-tcpip
that referenced
this issue
Jul 15, 2016
Per RFC 826, don't look at the `op` field of the packet before deciding whether to use it to update the cache. Also, construct gratuitous ARP packets as Requests, not Replies, and set the destination host address to the source host address. This fixes mirage#225.
yomimono
added a commit
to yomimono/mirage-tcpip
that referenced
this issue
Jul 15, 2016
Per RFC 826, don't look at the `op` field of the packet before deciding whether to use it to update the cache. Also, construct gratuitous ARP packets as Requests, not Replies, and set the destination host address to the source host address. This fixes mirage#225.
mato
added a commit
to mato/docker-unikernel-runner
that referenced
this issue
Aug 10, 2016
This pulls in the GARP fix from mirage/mirage-tcpip#225 which helps with #1, and no longer uses the solo5/opam-solo5 remote for Solo5. Further net.ipv4.conf.docker0.arp_accept is set to 1 for Travis which should make the tests run more reliably.
samoht
pushed a commit
to samoht/mirage-tcpip
that referenced
this issue
Apr 4, 2017
Per RFC 826, don't look at the `op` field of the packet before deciding whether to use it to update the cache. Also, construct gratuitous ARP packets as Requests, not Replies, and set the destination host address to the source host address. This fixes mirage#225.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
RFC 5227, section 3 (https://tools.ietf.org/html/rfc5227#section-3) says it should be a ARP request with spa = tpa (mirage-tcpip uses a ARP reply with tpa = broadcast). Section 3 also makes it clear why an ARP reply is a bad idea. Related to mato/docker-unikernel-runner#1 (setting
arp_accept(somewhere in proc on linux) to the bridge and sending an ARP request solves the issue (just verified with @mato)).Discovered while reimplementing ARP (https://github.com/hannesm/arp - https://hannes.nqsb.io/Posts/ARP)
The text was updated successfully, but these errors were encountered: